Particle Photon connects to phone hotspot, home wifi but not to office wifi?

Hi,

I tried connecting particle photon to my phone’s hotspot, it works.

I tried connecting it to home wifi, it works.

However, when I try to connect it to the office wifi router, it doesn’t work. I logged in to the router web interface to check if the photon appears in the list of connected devices. The photon appears in the routers list of devices for some time and then disappears. So I tried to connect it again, but this time I kept the photon close to the router, because some people discuss about wifi range. Still the same problem persists.

When I try to connect it, it just blinks cyan, then 3 times red, then blinks green for sometime and then blinks cyan, and the cycle continues. Here is a video https://youtu.be/Gb0jqd3gU2E

I see that some people discuss about red/orange burst. So I changed the keys with particle keys doctor command. This step was successful. But the problem still persists.

I took my office router to home, here the photon got connected to the cloud immediately!

My office internet provider in building has MAC filtering. However, we have provided them the MAC address of our office router so that we can access the internet. Therefore, everytime we connect a phone or laptop in office to office router, we just have to use the SSID and password (WPA/WPA2).

Can someone please help me understand what the problem is all about and give a solution so that I can connect the photon to office wifi?

The most likely cause is that the corporate firewall is blocking TCP port 5683 outbound (CoAP).

You can tell for sure by running the Photon Cloud Debug firmware and capturing a log by USB serial:

2 Likes

Hi,

Thank you for the response. After following the code, it seems you are right. It shows “could not connect to device server by CoAP”. I am not a computer expert, could you please let me know what i should do now?

Thank you

The first choice would be to see if your network administrator could just open up TCP 5683 outbound for everyone.

The second choice is to whitelist TCP 5683 outbound by Photon MAC address.

The third choice is to whitelist the destination addresses. This is less ideal, because the IP addresses may change over time:

The Particle device cloud is comprised of many servers running in different places around the world. We routinely start and stop servers automatically to meet demand, and during routine maintenance, and it would be difficult to commit to a range of stable IP addresses. Our domain device.spark.io is dynamically updated and regenerated to reflect what local servers are available for devices, and is the best way to get a list of local servers to approve, but it is subject to routine change.

One alternative is to whitelist all Photon devices by MAC address, allowing them to make outgoing TCP connections to port 5683 on any host.

If this is not possible, as of the time of writing this is the list of IP addresses. It is subject to change.

  • 34.228.24.195
  • 52.90.98.3
  • 34.224.22.50
  • 52.90.147.116
  • 107.22.28.43
  • 52.91.51.61
  • 54.90.239.114
  • 107.22.156.56
  • 34.207.234.253
  • 52.204.226.242

If a new server is added, and is blocked by your firewall, it will time out and try again using a different server, but this will increase the time it takes to connect to the cloud.

2 Likes

Hi,

Thank you for your quick and detailed response.

If i understand correctly, what you are saying is, we must give the MAC address of Photon to the internet provider of my building who has MAC filtering. So that they could whitelist the photon?

Am i right?

Thank you

Well, it depends on what their security requirements are. They can do one of three things:

  1. Open up 5683 outbound for everyone.
  2. Open up 5683 outbound for Photons. This most commonly done by the Photon MAC addresses.
  3. Open up 5683 outbound to certain servers (the list of IP addresses above).

Hi,

We opened the 5683 port for photon. This didn’t help.

Both TCP and UDP were opened. However, when we try to connect the photon to wifi, it goes back to the ‘cyan, red, green, cyan’ blink; as i mentioned previously.

Please let us know what we can do now?

Thank you

Did you capture the cloud debug log? You can either copy and paste it here, or create a support ticket with it.

Hi,

First i gave the command “particle flash --usb clouddebug.bin”. It showed “could not connect to device server by CoAP”.

Then i gave the command “particle compile photon clouddebug.cpp --target 0.5.3 --saveTo clouddebug.bin”. It showed “Compile failed: I couldn’t find: clouddebug.cpp”

Then i changed it to “particle compile photon clouddebug.cpp --target 0.8.0-rc.10 --saveTo clouddebug.bin”. It showed “Compile failed: I couldn’t find: clouddebug.cpp”

Then i gave the command “dfu-util -d 2b04:d008 -a 0 -s 0x8020000:leave -D combined-p1.bin”. It downloaded something. But i couldn’t find it anywhere? Is this what you want me to capture?

Here is a screenshot of the command prompt:
7

After this, the photon is stuck in DFU mode.

Hi,

I want to clarify something.

We opened the 5683 port for photon in our office router settings, according to the guidelines of the router company https://www.dlink.com.sg/how-do-i-open-ports-on-my-dir-890l/.

Is this what we should do or we need to open this port somewhere else?

Thank you

This was the correct command to use:

particle flash --usb clouddebug.bin

It’s the full output from the particle serial monitor that included the could not connect to device server by CoAP message that I need to see.

Your office router probably doesn’t have port filtering outbound, the instructions you linked to are for inbound port forwarding, which is not necessary to enable. Actually, you should turn that back off if you turned it on.

It could be the building filtering the requests, but it’s hard to know for sure without the log. There is also a possibility it’s a DNS problem, which the log would also show.

1st%20command

It looks like something past your office network is probably blocking CoAP (outbound TCP 5683). The DNS looks normal and 34.224.22.50 is a valid Particle cloud server.

Unfortunately that will make it difficult to connect by Wi-Fi without the ability to adjust settings on the building network.

Two alternatives are to use a cellular hotspot, or to use a VPN.

Hi

We asked the building internet administrator about this problem and inquired if they should open this port 5683 for us. They just asked us to open the port in the router settings as i mentioned earlier (we have disabled it now).

Please let us know how to use the VPN option with photon?

Thank you

A VPN operates independently of the Photon. You could always use Wireshark to sniff packets on both sides of the router to see if it is a building network problem or a firewall problem. With those consumer routers, the default configuration usually allows all outbound traffic. If you think, or scientifically determine, this is a router problem, Dlink support should be your next stop.

1 Like

Hi,

I have checked the office router in home. Photon connects to cloud instantly. I suppose, router is not the problem.

Thank you